Otherwise, we'll assume you're OK to continue. (For a full list of all identified SMS messages, see Appendix-II. NSO Group Technologies (NSO standing for Niv, Shalev and Omri, the names of the company's founders) is an Israeli technology firm whose spyware called Pegasus enables the remote surveillance of smartphones. Constantly analysing what he should and shouldn’t say in his digital communications exerted significant psychological pressure on him. This visit was followed by a redirect to the same domain, but provided with additional arguments: hxxps://bun54l2b67.get1tn0w.free247downloads[.]com:30495/szev4hz#048634787343287485982474853012724998054718494423286. Mexico, Morocco, and Thailand were also singled out for torture, murders, disappearances and other abuses by government agencies and security forces. We believe this is what happened with Maati Monjib’s phone. They …   |   Die Aufgaben und die Komplexität der heute digitalisierten Welt haben sich geändert und wir sind mitgewachsen, haben die Sprach- und Verständnisbarrieren zwischen Technikern und Nicht … 408 0 obj <> endobj These crash logs are stored on the phone indefinitely, at least until the phone is synced with iTunes. Additional evidence found on the phone reinforces this suspicion. Maati Monjib’s fears were proven to be true. The journalist, Omar Radi, was targeted by surveillance software capable of tracking texts, calls, emails, camera, and more — just days after NSO Group, the Israeli surveillance software company, … Surveillance in Morocco is carried out in an open and brazen way… Surveillance is a type of punishment. NSO Group ‘s surveillance spyware made the headlines again, this time the malware was used to spy on 2 rights activists in Morocco according Amnesty International. Read more about Morocco used Israeli malware to spy on journalists . This is increasingly making it difficult for HRDs and activists to exercise their rights to freedom of expression and association, and peaceful assembly. While there are significant legal and contractual constraints concerning our ability to comment on whether a particular government agency has licensed our products, we are taking these allegations seriously and will investigate this matter in keeping with our policy. These targeted digital attacks against two Moroccan HRDs are symptomatic of a larger pattern of reprisals against HRDs and dissident voices being carried out by Moroccan authorities. We believe this is a symptom of a network injection attack generally called “man-in-the-middle” attack. We believe it was a deliberate clean-up executed by the spyware in order to remove traces that could lead to the identification of the vulnerabilities actively exploited. If you received similar SMS messages to those described in this report, you can share them with us by writing to the following email address: “As per our policy, we investigate reports of alleged misuse of our products. During the course of his trial he received death threats and his family was intimidated over the phone. Indian journalists reported among targets of alleged NSO Group WhatsApp hack October 31, 2019 2:29 PM EDT New York, October 31, 2019—The Committee to Protect Journalists is alarmed by news reports that several journalists in India have been notified that they were among the targets of suspicious WhatsApp contact that may have been used to install advanced surveillance technology on their phones. ]biz/yTnWt1Ct, ALQODS RESTERA TOUJOURS LA CAPITALE DE LA PALESTINE SAUVEZ LA VILLE SAINTE EN SIGNANT CETTE PETITION hxxp://tinyurl[. Additionally, a similar network injection capability was briefly described in a document named "Pegasus – Product Description" – apparently written by NSO Group – that was found in the 2015 leak of the competing Italian spyware vendor, Hacking Team. Résumé. With network injection spyware attacks, the attacker requires either physical proximity to the targets or access over national mobile networks (which only a government can authorise), further indicating that the Moroccan authorities were responsible for the attack against Radi. With the revelations detailed in this report, it has become increasingly obvious that NSO Group’s claims and its human rights policy are an attempt to whitewash rights violations caused by the use of its products. Der Name NSO GmbH (Netzwerk Systemadministration und Onlineservices) hat uns über 16 Jahre treu begleitet. In the absence of adequate transparency on investigations of misuse by NSO Group and due diligence mechanisms, Amnesty International has long found these claims spurious. NSO Group has repeatedly said it only sells its technology to governments. Through this, an attacker with privileged access to a target’s network connection can monitor and opportunistically hijack traffic, such as web requests. (I?�6�M�q�Q����\�7000vtt0d0H4�50yt0x0� I&� CF3�#�R� "#�:;:%:�:��1c�8��E�X Oct 10, 2019 | CYBERSCOOP Hackers potentially working on behalf of a foreign government have targeted Moroccan human rights advocates with malicious software built by NSO Group, a controversial spyware vendor, according to Amnesty International. ]com/y93yg2sc, Nhar lekbir c'est le vendredi 24 Novembre ! That’s why contracts with all of our customers enable the use of our products solely for the legitimate purposes of preventing and investigating crime and terrorism. You can use this tool to change your cookie settings. Amnesty International urges the NSO Group to conduct a transparent investigation and awaits concrete action that adequately addresses the concerns raised in this report. These were carried out through SMS messages carrying malicious links that, if clicked, would attempt to exploit the mobile device of the victim and install NSO Group’s Pegasus spyware. We have placed cookies on your device to help make this website better. Once the phone is exploited and Pegasus is installed, it begins contacting the operator’s command and contr… Tamara Nassar 23 June 2020. This may include suspending or immediately terminating a customer’s use of the product, as we have done in the past. Our analysis of Maati Monjib’s phone showed that, on one occasion, all these crash files were wiped a few seconds after one of these Safari redirections happened. This type of redirection would only be possible when the request is in clear text, and not protected with Transport Layer Security (or TLS, which is essentially the https:// you sometimes see in links), as was the case with http://yahoo.fr. After checking his devices for evidence of targeting, Amnesty International was able to confirm that Abdessadak El Bouchattaoui was indeed targeted repeatedly with malicious SMS messages that carried links to websites connected to NSO Group’s Pegasus spyware. Your choice regarding cookies on this site The organization found that Radi's phone was subjected to several attacks using a "sophisticated new technique" that silently installed NSO's Pegasus spyware. According to our research, these targeted attacks have been ongoing since at least 2017. Earlier this month, the NSO Group also released its Human Rights Policy. Le siège social de NSO Group en Israël. This affected his sense of psychological well-being and made it difficult for him to carry out his work. Amnesty International collected evidence of new abuses of the NSO Group ‘s surveillance spyware, this time the malware was used to spy two rights activists in Morocco. The targeting of Radi came at a time when he was being repeatedly harassed by the Moroccan government between January 2019 and January 2020. In conclusion, because of the domain names and the characteristics of the links sent to Maati Monjib and Abdessadek El Bouchattaoui via SMS we can assume that, if clicked, they would have resulted in an attempted exploitation of their devices and the subsequent infection NSO Group’s Pegasus spyware, enabling the attackers to exercise complete monitoring of the victims’ communications and other data. Amnesty International said Sunday its security team found evidence of abuse on a Moroccan journalist’s cell phone that can be tied back to spyware developed by NSO Group. This charge was leveled simply for promoting a mobile application for citizen journalism that protected users’ privacy. Amnesty International has uncovered targeted digital attacks against two prominent Moroccan Human Rights Defenders (HRDs) using NSO Group’s Pegasus spyware. Archives Un rapport documenté de Citizen Lab affirme que le Maroc, à travers ses instances sécuritaires, fait partie des Etats clients de Circles Systems, une filiale de la firme israélienne NSO Group qui commercialise des technologies de surveillance controversées. ]com, have been previously identified and disclosed by Amnesty International as part of NSO Group‘s exploitation infrastructure. Amnesty International has discovered that since at least October 2017, HRDs from Morocco have been targeted with the infamous “Pegasus“ spyware produced by the Israeli company ‘NSO Group’. %%EOF Espionnage : Le Maroc serait client de Circles, filiale de l'Israélien NSO Group. Maati Monjib, 57, is a historian and a columnist, co-founder of the NGO Freedom Now (dedicated to protecting the rights of journalists and writers), and co-founder and a leading member of the Moroccan Association for Investigative Journalism (AMJI). In addition to SMS messages, we identified what appear to be network injection attacks against a HRD’s mobile network also aimed at installing spyware. I need to constantly analyze the consequences of what I say and the risk that this may lead to defamatory accusations against me. Amnesty International wrote to the NSO Group and Novalpina Capital to seek their response on the information detailed in this report. Aux côté de 24 pays au monde, le Maroc a été cité comme client potentiel pour les produits de l’entreprise Circles, filiale de le la société israélienne NSO, dans une nouvelle die NSO GmbH wurde in die feelgood-IT GmbH >> https://www.feelgood-it.de << umbenannt. Currently, we do not have sufficient information to conclusively attribute these suspected network injection attacks to NSO Group’s products or services. Abdessadak El Bouchattaoui had also long suspected that his digital communications were being monitored. One message carrying a link with this domain showed the same characteristics as typical Pegasus SMS messages. Two domain names from links delivered to Maati Monjib and Abdessadek El Bouchattaoui, stopsms[. Amnesty International can reveal that the two targets are Maati Monjib, an academic and activist working on issues of freedom of expression, and Abdessadak El Bouchattaoui, a human rights lawyer involved in the legal defence of protestors in a social justice movement in Hirak El-Rif that took place across 2016 and 2017. Son ancien président du bureau dirigeant était le général en retraite Avigdor Ben-Gal, ancien responsable d'Israel Aircraft Industries dans les années 19901. This database not only keeps individual records of particular links being visited, but it also records the origin and destination of each visit. As he visited yahoo.fr, his phone was being monitored and hijacked, and Safari was automatically directed to an exploitation server which then attempted to silently install spyware. Amnesty International has uncovered targeted digital attacks against two prominent Moroccan Human Rights Defenders (HRDs) using NSO Group’s Pegasus spyware. The NSO Group says that it licenses products “only to government intelligence and law enforcement agencies” to investigate serious crime. Espionnage: le Royaume du Maroc serait un client de Circles, filiale de l’Israélien NSO Group Aux côté de 24 pays au monde, le Maroc a été cité comme client potentiel pour les produits de l’entreprise Circles, filiale de le la société israélienne NSO, dans une nouvelle … A new investigation led by Amnesty International revales that NSO Group, the Israeli company marketing its technology in the fight against COVID-19, contributed to a sustained campaign by the government of Morocco to spy on Moroccan journalist Omar Radi. He is an important voice on issues of freedom of expression in Morocco. Since 2015, Maati Monjib believed that he has been under digital surveillance by Moroccan authorities. Amnesty International is calling on the Moroccan authorities to drop the charges against Monjib and his co-defendants. Safari records its entire browsing history in a SQLite database stored on the device (and exportable through an iTunes backup procedure). En octobre 2019, Amnesty International a publié un premier rapport sur l’utilisation d’un logiciel espion produit par l’entreprise israélienne NSO Group en vue de cibler des défenseurs des droits humains marocains, Maati Monjib et Abdessadak El Bouchattaoui. June 22, 2020 By Pierluigi Paganini Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. ]” instead of dots or “hxxp” instead of “http”, in order to avoid accidental clicks or copy & paste.). According to our research, these targeted attacks have been ongoing since at least 2017. These suspicions are now definitively confirmed. Citizen Lab survey lists Morocco as customer of Circles, a subsidiary of Israel’s NSO Group. We confirmed Maati Monjib had already been targeted with NSO Group’s Pegasus spyware via malicious SMS messages. Amnesty International is calling on the Moroccan authorities to quash the conviction against him. In October 2019, in response to our report that NSO Group’s tools were used to unlawfully target HRDs in Morocco, NSO Group told Amnesty International in a letter: “Our products are developed to help the intelligence and law enforcement community save lives. Abdessadak El Bouchattaoui, is a lawyer and HRD. 0522647000 STOPSMS: hxxps://stopsms[. NSO Group publicly committed to abide by the UN Guiding Principles on Business and Human Rights on 10 September. Toute l'actualité NSO_Group du Maroc et des Marocains à travers le Monde. Pour ne plus recevois nos SMS : hxxp://stopsms[. Another domain we found in SMS messages sent to Moroccan HRDs, revolution-news[. Amnesty International suspects that the NSO Group may also be behind these network injection attacks. News NSO_Group Maroc. h�bbd```b``^"W�Is��D2U�e���`R,�����d���o���`vX�j9g ��� �� WAl�P�� H�/�������g`����1�3@� DiZ ]com/y73qr7mb, فضيحة أخلاقية داخل مقهى بورتز في حي أكدال بالرباط \r\nلمشاهدة الفيديو الذي يوثق الفضيحة hxxps://videosdownload[. In order to meet that responsibility, NSO Group must carry out adequate human rights due diligence and take steps to ensure that HRDs in Morocco do not continue to become targets of unlawful surveillance. Morocco used Israeli malware to spy on journalists. In 2015, Moroccan authorities accused him (and four others) of “threatening the internal security of the state” through “propaganda” that may threaten “the loyalty that citizens owe to the State and institutions of the Moroccan people” under Article 206 of the Penal Code, according to official court papers. While analysing the iPhone of Maati Monjib, who we confirmed above was targeted with NSO Group’s Pegasus spyware using malicious SMS links, we observed some suspicious traces which we believe are indicative of some peculiar exploitation attempts. NSO Group, the Israeli company marketing its technology in the fight against COVID-19, contributed to a sustained campaign by the government of Morocco to spy on Moroccan journalist Omar Radi, a new investigation by Amnesty International reveals. In this case, the attackers cleverly crafted the attack to appear like a flood of automated spam SMS messages with the same text, and offering the malicious link as a way to stop receiving them. Our products are developed to help the intelligence and law enforcement community save lives. ]biz/2Kj2ik6, Le BackFriday continue exceptionnellement aujourd'hui chez CityClub!Dernière chance de s'offrir 15MOIS de fitness à 1633!\r\nDemain il sera trop tard 0522647000 STOPSMS: hxxps://stopsms[. 0 Dans un nouveau rapport publié le 22 juin, nous révélons que l’entreprise israélienne, NSO Group, qui commercialise sa technologie pour combattre la pandémie de COVID-19, a favorisé une intense campagne menée par le Maroc pour espionner le journaliste marocain Omar Radi. Further analysis of the device led us to identify at least four similar injection attempts between March and July 2019. The targeting of Maati Monjib and Abdessadak El Bouchattaoui, simply for carrying out human rights work, is unlawful according to principles laid out in international human rights law. Refunds of donations. It is part of their strategy to make you suspect you’re being watched so you feel like you’re under pressure all the time. Omar Radi is the latest journalist to have his phone compromised by NSO Group. Further, Moroccan authorities should disclose the details of any deals carried out with the NSO Group and should ensure that HRDs are protected from unlawful surveillance through adequate legal and policy safeguards that are in line with international standards, including by providing effective legal remedies for people to challenge violations of their human rights linked to surveillance. If an investigation identifies actual or potential adverse impacts on human rights we are proactive and quick to take the appropriate action to address them. The trial in this case is ongoing. Amnesty International claims that Israeli firm NSO Group’s spyware was used in a sustained campaign by Morocco’s government to spy on Moroccan journalist Omar Radi, with one attack occurring days after NSO pledged to prevent its technology from being used in human rights abuses. If you are talented and passionate about human rights then Amnesty International wants to hear from you. h�b```���@��(���1�B���G�kg6��l��/̼�������RE�B>�a^���tu��Y3�[���Kd���>A�M:~�~�����o��n��N���$�����ɩ��? They could be imprisoned for up to five years if found guilty. SMS messages sent to Moroccan Human Rights Defenders, as documented in this report, also carry similar links to the same set of Internet infrastructure attributed to NSO Group. By inspecting Maati Monjib’s Safari browsing history we found visits to suspicious links that did not originate from SMS or WhatsApp messages. Amnesty International met Maati Monjib and checked his devices for traces of targeting. This means that only select individuals would have been targeted. 431 0 obj <>/Filter/FlateDecode/ID[<00C540067418FF46B53C963391A56DB3>]/Index[408 39]/Info 407 0 R/Length 111/Prev 638556/Root 409 0 R/Size 447/Type/XRef/W[1 3 1]>>stream Privacy Policy ]com/y9hbdqm5 \nvous pouvez consulter nos offres du moment, Vous l'avez demandé,CityClub l'a fait!Grand retour du BLACKFRIDAY vendredi 24/11!\r\nRéservez votre carte promo 15 mois à 1633dh! This allows us to reconstruct redirections and the chronology of web requests.   |   This even applies to very practical things like arranging meetings or a dinner downtown. This is not the first time that spyware manufactured by the NSO Group has been used against HRDs. Soyez au Rendez-vous sur notre site :hxxp://tinyurl[. In June 2018 Amnesty International documented the targeting of an Amnesty staff member and a Saudi HRD using NSO Group‘s Pegasus. In February 2017, a court in Al Hoceima sentenced him to 20 months in prison and a fine for online posts in which he criticized the use of excessive force by the authorities during the protests. Permissions NSO Group’s Pegasus tool is used for targeted attacks and by design, is not meant for mass surveillance. Instead, the browser history indicates that the page immediately (in less than 3 milliseconds) redirected to a very suspicious looking site: hxxps://bun54l2b67.get1tn0w.free247downloads[.]com:30495/szev4hz. In this case, because the targeted device is an iPhone, connecting through a mobile line only, a potential vantage point could be a rogue cellular tower placed in the proximity of the target, or other core network infrastructure the mobile operator might have been requested to reconfigure to enable this type of attack. ��P�G,S���1�`����x�q�9���LJL�a����V��u�`������{�'������4#� m��9q�ff`�愇�#�^u�*FS� � l� Normally, the browser would be immediately redirected by Yahoo to its default TLS-secured site at https://fr.yahoo.com/. However, Morocco has denied these accusations claiming that it has never had a relationship with NSO Group, the company in charge of designing this type of software. As laid out in the UN Guiding Principles on Business and Human Rights, the NSO Group and their primary investor, the UK-based private equity firm Novalpina Capital, should urgently take pro-active steps to ensure that they do not cause or contribute to human rights abuses within their global operations, and to respond to any human rights abuses when they do occur. Such a network vantage point could be any network hop as close as possible to the targeted device. (Note: with each attempt, the redirected URL would change slightly with different subdomains, port number, and URI.). ]co/nBBJBIP, فاجعة الصويرة تسقط أول المسؤولين أمام القضاء hxxps://infospress[. If we ever discover that our products were misused in breach of such a contract, we will take appropriate action.”, Nouveau à temara La 1 ère fois à Bd Fouarate Apparts avec jardin ,grandes piscines & Salle sport + 2 piscines chauffées 7/7 6000/m2. We asked NSO Group to respond to the revelations detailed in their report. This month, Amnesty International identified two Moroccan activists targeted by attempts to install Pegasus since at least October 2017. However considering the technical similarities to other Pegasus infections, the fact that Monjib has already been targeted with NSO Group’s software and the fact that NSO Group advertise the network injection capability we suspect was used in this attack, there is reason to believe that NSO Group’s tools may also have been used in this attack. Since he began his work on defending protestors in Hirak, Abdessadak El Bouchattaoui was also fairly certain that he was under surveillance by the state. NSO Group, entreprise israélienne commercialisant sa technologie pour combattre la pandémie de COVID-19, a favorisé une intense campagne menée par le Maroc pour espionner le journaliste marocain Omar Radi, a révélé Amnesty International dans un nouveau rapport d’enquête rendu public lundi 22 juin. Une fois ce postulat vide établi, il est devenu déterminant pour Amnesty de relier «NSO Group» au Maroc, malgré l’aveu préliminaire de cette ONG, sur le fait «qu’elle ne dispose d’aucune preuve sur l’achat, par Rabat, de cette technologie». Read more about Israeli court backs notorious spy firm NSO Group . The full response from the NSO Group is included in Appendix-I, wherein they reiterate that allegations of misuse would be investigated. La société a débuté financée par un groupe d'investisseurs menés par Eddy Shalev, un partenaire dans le fonds d'investissement Genesis Partners. 446 0 obj <>stream He is a part of the legal defence team for people imprisoned for participating in the social justice protests in the Hirak El-Rif across 2016 and 2017. Because this attack is executed “invisibly” through the network instead of with malicious SMS messages and social engineering, it has the advantages of avoiding any user interaction and leaving virtually no trace visible to the victim. They can be found in Settings > Privacy > Analytics > Analytics Data. Le groupe y a investi 1,8 million de dolla… Saudis put Palestinians on trial over vague claims . Whenever an application crashes, iPhones store a log file keeping traces of what precisely caused the crash. NSO Group, entreprise israélienne commercialisant sa technologie pour combattre la pandémie de COVID-19, a favorisé une intense campagne menée par le Maroc pour espionner le journaliste marocain Omar Radi, a révélé Amnesty International dans un nouveau rapport d’enquête rendu public lundi 22 juin. Espionnage: le Royaume du Maroc serait un client de Circles, filiale de l’Israélien NSO Group Aux côté de 24 pays au monde, le Maroc a été cité comme client potentiel pour les produits de l’entreprise Circles, filiale de le la société israélienne NSO, dans une nouvelle enquête du … Israel-based “Cyber Warfare” vendor NSO Group produces and sells a mobile phone spyware suite called Pegasus.